Amendments to the Claims: 

This listing of claims will replace all prior versions, and listing of claims in the 
application: 

Listing of the Claims: 

1. (Currently Amended) A method for controlling exchange of private information 
associated with a client device, said method comprising: 

(a) receiving a request from the client device; 

(b) determining whether a privacy agreement is needed to respond to the 
request before private information associated with said client device is exchanged; 

(cl) negotiating a privacy agreement before private information associated with 
said client device is exchanged, wherein the privacy agreement includes a plurality of 
components and governs the exchange of the private information when said 
determining (b) determines that a privacy agreement is needed; 

(c2) determining whether a privacy agreement should be accepted bv 
examining at least one proposed privacy agreement which includes a plurality of 
components that govern the exchange of privacy information associated with 
said client: 

fc3) negotiating at least one component of said at least one proposed 
privacy agreement when said determining fc2) determines that a privacy 
agreement should not be accepted: 

fc4) generating an accepted privacy agreement as a set of rules that govern 
the exchange of private information when said determining (c2) determines that a 
privacy agreement should be accepted: and 

(d) thereafter producing a response to the reguest when said determining 
determines that a privacy agreement can be accepted . 
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2. (Original) A method as recited in claim 1 , wherein the private information 
includes location information of the client device. 

3. (Original) A method as recited in claim 1 , wherein said producing (d) comprises: 

(d1) receiving the private information associated with the client device; and 

(d2) producing the response to the request based at least in part on the private 
information. 

4. (Original) A method as recited in claim 3, wherein the private information 
includes location information of the client device. 

5. (Original) A method as recited in claim 4, wherein the client device is associated 
with a network, and 

wherein the location information is at least one of client-provided and network- 
provided. 

6. (Original) A method as recited in claim 3, wherein said method is performed on a 
server. 

7. (Original) A method as recited in claim 6, wherein the private information is 
attached to the request. 

8. (Original) A method as recited in claim 1 , wherein the client device is a wireless 
device. 

9. (Currently Amended) A method for exchanging private information associated 
with a client device to a server device via a proxy server, said method comprising: 
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establishing an authorization agreement that enables the proxy server to 
negotiate privacy agreennents with server devices on behalf of the client device^ 
wherein the privacy agreement defines a set of rules that govern the exchange of 
information between the client device and the server device : 

receiving a request at the proxy server; 

receiving a proposed privacy agreement from the server device associated with 
the request; 

negotiating the privacv agreement by the proxy server on behalf of the 
client device when not in accord with the authorization agreement : 

accepting the proposed privacy agreement as a privacy agreement by the proxy 
server for the client device when in accord with the authorization agreement; and 

providing the private information to the server device after said accepting 
ostab li shmont of the privacy agreement. 

10- (Currently Amended) A method as recited in claim 9, 

whoro i n sa i d m e thod furth e r compr i s e s: 

negot i ating tho privacy agroomont by tho proxy sorvor for the c li ont d e vic e 
whon not in accord with the authorizat i on agreem e nt, and 

wherein said providing the private information to the server device is 
performed after said accepting of the proposed privacy agreement as the privacy 
agreement or after said negotiating of the privacy agreement. 

1 1 . (Original) A method as recited in claim 9, wherein the private information 
includes location information of the client device. 

12. (Original) A method as recited in claim 1 1 , wherein the client device is 
associated with a network, and 

wherein the location information is at least one of client-provided and network- 
provided. 
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13. (Original) A method as recited in claim 1 1 , wherein the request is received at the 
proxy server and the response is produced by the server device. 

14. (Original) A method as recited in claim 13, wherein the request includes the 
private information associated with the client device. 

15. (Original) A method as recited in claim 14, wherein said providing operates to 
provide the private information to the server device after said accepting of the proposed 
privacy agreement as the privacy agreement or after said negotiating of the privacy 
agreement. 

16. (Original) A method as recited in claim 15, wherein said providing operates to 
refuse to provide the private information to the server device when both the proposed 
privacy agreement is not accepted and negotiating of the privacy agreement is 
unsuccessful. 

17. (Original) A method as recited in claim 9, wherein said method further 
comprises: 

determining whether an existing privacy agreement already exists for the server 
device and the client device; and 

bypassing said receiving of the proposed privacy agreement and said accepting 
of the proposed privacy agreement when said determining operates to determine that 
an existing privacy agreement already exists for the server device and the client device. 

18. (Original) A method as recited in claim 17, wherein said determining of an 
existing privacy agreement already exists comprises: 

identifying an existing agreement between the server device and the client 
device, the existing agreement having a predetermined coverage; and 
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determining whetiier the request is covered by the predetermined coverage of 
the identified existing agreement. 

19. (Currently Amended) A method for controlling exchange of private information 
associated with a client device supported by a carrier network infrastructure, said 
method comprising: 

(a) receiving a request from the client device, the request being directed to a 
server device; 

(b) determining whether a privacy agreement is needed to respond to the 
request; 

(b1) negotiating a privacy agreement that governs the exchange of the private 
information when said determining (b) determines that a privacy agreement is needed 
,wherein said negotiating comprises: 

determining whether a privacv agreement can be reached by examining at 
least one proposed privacy agreement which includes a plurality of components 
which define a set of rules governing the exchange of private information ; 

negotiating at least one component of said at least one proposed privacy 
agreement when said determining determines that a privacy agreement should 
not be accepted: 

(b2) generating an accepted privacy agreement as a document when said 
determining determines that a privacy agreement can be accepted, wherein said 
document includes one or more components that define the accepted privacy 
agreement : 

(c) determining, based on said accepted privacv agreement, whether the server 
device is authorized to receive the private information associated with the client device 
when said determining (b) determines that a pr i vacv aarooment is n ee d e d a privacy 
agreement can be reached ; and 

(d) providing the private information to the server device associated with the 
request when said determining (c) determines that the server device is authorized to 
receive the private information associated with the client device. 
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20. (Original) A method as recited in claim 19, wherein the client device is a wireless 
client device, and 

wherein the private information includes location information of the client device. 

21 . (Original) A method as recited in claim 19, wherein said method further 
comprises: 

(e) thereafter producing a response to the request at the server device. 

22. (Original) A method as recited in claim 21 , wherein said producing (e) 
comprises: 

(el) receiving the private information associated with the client device; and 

(e2) producing the response to the request based at least in part on the private 
information. 

23. (Original) A method as recited in claim 22, wherein the private information 
includes location information of the client device. 

24. (Original) A method as recited in claim 19, wherein the request includes a URL, 
and 

wherein said determining (c) comprises: 

(c1) comparing the URL of the request with a list of authorized URLs; and 

(c2) determining that the server device is authorized to receive the private 
information associated with the client device when said comparing (c1) determines that 
the URL of the request is found within the list of authorized URLs. 
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25- (Currently Amended) A system for controlling information exchange between a 
wireless client device and server devices, the wireless client device being supported by 
a wireless network, said system comprising: 

a proxy server device operatively connected between the wireless client device 
and the server device, wherein said proxy server device manages distribution of private 
information associated with the wireless client device to the server devices, and 
wherein said proxy server device includes at leasts 

a storage area, said storage area stores information received from at least 
one of the wireless client device and from the wireless network; [[and]] 

a privacy manager, said privacy manager operates to restrict the release 
of the information received from the wireless client device and the wireless network to 
the one or more of the server devices unless a suitable privacy agreement governing 
the use of the information is in place for the one or more server devices ; and 

wherein said privacv manager is capable of operating to: 

determine whether said privacv agreement can be accepted bv 
examining at least one proposed privacv agreement that includes a 
pluralitv of components which govern the exchange of privacv 
information associated with said client device; 

negotiating at least one component of said at least one 
proposed privacv agreement when said determining determines that 
a privacv agreement should not be accepted; and 

generating an accepted privacv agreement as a set of rules 
that govern the exchange of private information when said 
determining determines that a privacv agreement should be 
accepted. 

26. (Original) A system as recited in claim 25, wherein the information received from 
at least one of the wireless client device and the wireless network comprises location 
information associated with the location of the wireless client device. 
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27. (Original) A system as recited in claim 25, 

wherein the information received from the wireless client device and the wireless 
network comprises location information associated with the location of the wireless 
client device, and 

wherein said system further comprises: 

a location manager, said location manager performs a reconciliation 
and/or canonicalization process on the location information received from the wireless 
client device and the wireless network to produce a determined location. 

28. (Original) A system as recited in claim 27, wherein said privacy manager 
operates to restrict the release of the determined location to the one or more of the 
server devices unless a suitable privacy agreement governing the use of the determined 
location is in place for the one or more server devices. 

29. (Original) A system as recited in claim 28, wherein the suitable privacy 
agreement is provided in a markup language. 

30. (Original) A system as recited in claim 28, wherein said privacy manager can 
further negotiate with the one or more server devices to establish a suitable privacy 
agreement. 

A system as recited in claim 25, wherein said privacy manager can 
with the one or more server devices to establish a suitable privacy 



32. (Original) A system as recited in claim 25, wherein the information received from 
at least one of the wireless client device and the wireless network comprises subscriber 
information associated with the subscriber of the wireless client device. 



31. (Original) 
further negotiate 
agreement. 



Atty. Docket No,: UWP1P026AJP-1091 



Page 9 of 21 



Serial No.: 09/559,230 



33. (Original) A system as recited in claim 25, wherein the information includes 
private information and non-private information, and 

wherein said privacy manager restricts access to the private information but not 
the non-private information. 

34. (Currently Amended) A computer readable medium including computer program 
code for controlling exchange of private information associated with a client device, said 
computer readable medium comprising: 

computer program code for receiving a request from the client device; and 

computer program code for negotiating a privacy agreement that governs the 
exchange of the private information , wherein said negotiating comprises: 

determining whether a privacv agreement should be accepted by 
examining at least one proposed privacy agreement which includes a plurality of 
components that govern the exchange of privacy information associated with 
said client; 

negotiating at least one component of said at least one proposed privacy 
agreement when said determining determines that a privacy agreement should 
not be accepted: and 

generating an accepted privacy agreement as a set of rules that govern the 
exchange of private information when said determining determines that a privacy 
agreement can be accepted. 

35. (Currently Amended) A computer readable medium including computer 
program code for exchanging private information associated with a client device to a 
server device via a proxy server, said computer readable medium comprising: 

computer program code for establishing an authorization agreement that enables 
the proxy server to negotiate privacy agreements with server devices on behalf of the 
client device , wherein said privacy agreement governs the exchange of private 
information between said client device and said server devices : 

computer program code for receiving a request at the proxy server; 
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computer program code for receiving a proposed privacy agreement from the 
server device associated with the request; 

computer program code for accepting the proposed privacy agreement as a 
privacy agreement by the proxy server for the client device when in accord with the 
authorization agreement; [[and]] 

computer program code for providing the private information to the server device 
after establishment of the privacy agreement. 

36- (Currently Amended) A computer readable medium including computer 
program code for controlling exchange of private information associated with a client 
device supported by a carrier network infrastructure, said computer readable medium 
comprising: 

computer program code for receiving a request from the client device, the 
request being directed to a server device; 

computer program code for determining whether a privacv agreement can 
be accepted bv examining at least one proposed privacy agreement that governs 
that exchange of privacv information associated with said client device: 

computer program code for negotiating the privacv agreement by the 
proxy server on behalf of the client device when not in accord with the 
authorization agreement: 

computer program code for determining whether.the server device is authorized 
to receive the private information associated with the client device; and 

computer program code for providing the private information to the server device 
associated with the request when said determining determines whether the server 
device is authorized to receive the private information associated with the client device. 

37. (Currently Amended) A method as recited in claim 1 , wherein said accepted 
privacy agreement includes the following principle components: a PROP, an 
agreelD, a final, a propURI, a postURL, a realm, an entity, an assurance, an 
agrexp, and an optional principal component, said m e thod furth e r compr i s e s : 
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gen e rat i ng sa i d pr i vacy agroem e nt; and 

not e xchang i ng pr i vat e i nformation w l i i c l i is not gov e rn e d by said pr i vacy 
agroom e nt . 

38. (Currently Amended) A method as recited in claim 1 , 

wherein said privacy agreement is negotiated in accordance with a Platform for 
Privacy Preferences (P3P) protocol , and 

wherein said accepted privacy agreement includes one or more of the 
following principle components: a PROP, an agreelD, a final, a propURL a 
postURL, a realm, an entity, an assurance, an agrexp, and an optional principal 
component . 

39. (Previously Presented) A method as recited in claim 1, wherein said method 
further comprises: 

providing an accepted privacy agreement in a markup language. 

40. (Currently Amended) A method as recited in claim [[1]] 39, wherein said markup 
language can be XML, HTML, WML, and HDML. 

41. (New) A method for controlling exchange of information between a plurality of 
entities, said method comprising: 

presenting, by a first entity, a proposed agreement that governs the exchange of 
information with said first entity, wherein said proposed agreement includes a plurality 
of components that define a set of rules which govern said exchange of information; 

evaluating, by a second entity, said proposed agreement, to determine whether 
said proposed agreement should be accepted; 

determining whether at least one component of said proposed agreement can be 
negotiated, wherein said negotiating comprises: 

defining said at least one component of said proposed agreement; 
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determining whether said defined component is acceptable; and 

redefining said at least one component when said determining determines 
that said defined component is not acceptable; and 

accepting said at least one component of said proposed agreement when 
said determining determines that said at least one component of said proposed 
agreement can be negotiated. 
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